Declarative deployment of a software artifact

ABSTRACT

There is provided a method that includes (a) scanning a repository to identify an artifact that is available in the repository, (b) producing a declaration that indicates that the artifact is to be installed on a target device, (c) querying the target device to obtain information about a present state of the artifact on the target device, thus yielding state information, (d) determining, from a comparison of the state information to the declaration, that the artifact on the target device is not up to date, and (e) deploying the artifact from the repository, and a serving program, to the target device. There is also provided a system that performs the method, and a storage device that contains instructions for a processor to perform the method.

BACKGROUND OF THE DISCLOSURE 1. Field of the Disclosure

The present disclosure relates to a method and a system for deploymentof a software artifact. The method and system are particularlywell-suited for deployment of a machine learning model.

2. Description of the Related Art

The approaches described in this section are approaches that could bepursued, but not necessarily approaches that have been previouslyconceived or pursued. Therefore, the approaches described in thissection may not be prior art to the claims in this application and arenot admitted to be prior art by inclusion in this section.

An artifact is a software object such as a data file or an executableprogram module.

The current state-of-the art for altering and deploying computersoftware follows this common cycle: 1) modify software, 2) compile,test, and version the software, and 3) specify configuration informationthat dictates how the software behaves in a specific environment, e.g.,a computer or a cluster of computers. These steps are termed‘imperative’ in nature because they are well defined steps for producingcomputer programs. Within the industry, tools relating to this commoncycle fall into a category termed ‘Continuous Integration’ because theyautomate this process of producing artifacts.

Once these artifacts are produced, the current state-of-the-art intooling, generally falling under the term ‘Continuous Deployment’,combine the artifacts and configuration information from step 3 above toinstall the program artifacts onto their ultimate deploymentenvironment, e.g., a computer or cluster of computers, often as aservice, which makes the functionality of the program available via anetwork. In modern environments where software is run in large clustersof computers, the steps for performing this deployment of software areno longer considered imperative, i.e., the software is not installed viaa sequence of steps implemented via human intervention. Instead, theartifacts (programs) and configuration act as a ‘declaration’ of thecontent, location, and behavior of how artifacts are deployed, and thetooling automatically synchronizes target computer clusters with thisdeclaration of content and target location.

Although the above processes work well when installing basic softwarethat may access a database for its information, the field of machinelearning poses a particular problem for existing tools for deployingcomputer software. In traditional programming, a program takes data asinput and produces answers. In the field of machine learning, input dataand known answers are used to create programs, however the “program” isnot the traditional idea of a program. It is a combination of a largedata file that is the result of machine learning, plus a genericcomputer program capable of using the data file, and many others, toproduce outputs. As a result, the generality of that computer programmay be paired with many separate data files during installation toproduce what appear from the outside as many different programs orservices, but in reality, are the result of pairing a single, moregeneral program with many input files that embed the true logic producedduring machine learning. Continuous deployment tools that are presentlyavailable do not conveniently facilitate this coupling of the genericcomputer program with its domain-specific data file during theinstallation process.

SUMMARY OF THE DISCLOSURE

There is provided a method that includes (a) scanning a repository toidentify an artifact that is available in the repository, (b) producinga declaration that indicates that the artifact is to be installed on atarget device, (c) querying the target device to obtain informationabout a present state of the artifact on the target device, thusyielding state information, (d) determining, from a comparison of thestate information to the declaration, that the artifact on the targetdevice is not up-to-date, and (e) deploying the artifact from therepository, and a serving program, to the target device. There is alsoprovided a system that performs the method, and a storage device thatcontains instructions for a processor to perform the method.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of a system for deployment of a softwareartifact.

FIG. 2 is a block diagram of a deployment system that is a component ofthe system of FIG. 1 .

FIG. 3 is a block diagram of a policy manager that is a component of thedeployment system of FIG. 2 .

FIG. 4 is a block diagram of a deployment manager that is a component ofthe deployment system of FIG. 2 .

A component or a feature that is common to more than one drawing isindicated with the same reference number in each of the drawings.

DESCRIPTION OF THE DISCLOSURE

FIG. 1 is a block diagram of a system, namely system 100, for deploymentof a software artifact. System 100 includes an artifact.repository 105,a serving.program 107, a deployment.system 110, and a deployment.target115, each of which is typically implemented on a server.

Artifact.repository 105 is a file repository that organizes artifacts ina structured hierarchy so that deployment.system 110 can monitor itscontent. An example of artifact.repository 105 is a web server withwell-structured content that contains artifacts such as data files andcomputer programs.

Serving.program 107 is a generalized computer program that when pairedalongside an artifact from artifact.repository 105, can be installed ondeployment.target 115. In traditional programming, a program takes dataas input and produces answers using its embedded, pre-programmed logic.In the field of machine learning, however, in a phase known as“training” input data and known answers are used to create artifactsthat replace the traditional idea of a program by storing the programlogic into a data file and, in the context of system 100, an artifact inartifact.repository 105. Serving.program 107 is capable of reading theseartifacts to produce results when given input data.

Deployment.system 110 automates and verifies the deployment ofartifacts, e.g., machine learning models, by automatically scanning thecontent of artifact.repository 105 and ensuring they, i.e., artifacts,are installed alongside serving.program 107 on deployment.target 115.Deployment.system 110 compares the artifacts stored inartifact.repository 105 to those already installed on deployment.target115, and where it finds a discrepancy, takes the actions necessary tosynchronize deployment.target 115 with artifact.repository 105. Thisform of deployment is termed “declarative” since artifact.repository 105serves as a declaration for what should be made available ondeployment.target 115. Deployment.system 110 runs on a server thatperforms the deployment process, but is separate from the serverdedicated to deployment.target 115. Deployment.system 110 is furtherdescribed below, with reference to FIG. 2 .

Deployment.target 115 is a device that contains one or moreinstantiations of artifacts running as data in one or more instances ofserving.program 107. Deployment.target 115 could be any sort ofcomputer, but a typical example would be a cluster of servers where manyinstances of a computer program are required to provide highavailability of the program's functionality.

FIG. 2 is a block diagram of deployment.system 110. Deployment.system110 ensures that artifacts are properly deployed fromartifact.repository 105 to deployment.target 115. Deployment.system 110includes a policy.manager 205, a deployment.declaration 210, and adeployment.manager 215.

Policy.manager 205 scans artifact.repository 105 to obtain a list ofartifacts available therein, and produces deployment.declaration 210.Policy.manager 205 is further described below, with reference to FIG. 3.

Deployment.declaration 210 is a set of instructions concerning whichspecific artifacts are to be made available to deployment.target 115.

Deployment.manager 215 receives deployment.declaration 210, and basedthereon, deploys the specific artifacts to deployment.target 115.Deployment.manager 215 is further described below, with reference toFIG. 4 .

FIG. 3 is a block diagram of policy.manager 205. Policy.manager 205includes an artifact.discovery 305, a declaration.engine 310, and apolicy configuration, i.e., policy.config 315.

Artifact.discovery 305 periodically scans artifact.repository 105,maintains a list, namely artifact.list 307, of artifacts available inartifact.repository 105, and provides artifact.list 307 todeclaration.engine 310.

Policy.config 315 defines which of the artifacts found in theartifact.list 307 are to be considered for installation ondeployment.target 115. One item in the policy, for example, may statethat we only want to use the latest version of a given artifact to beinstalled whereas another artifact may require the previous two versionsbe installed. This is not to be confused with deployment.config 415(described below) which describes “how” instead of “whether” an artifactis installed.

Declaration.engine 310 consults policy.config 315 to determine whethereach artifact in artifact.list 307, and thus in artifact.repository 105,is ultimately to be deployed to deployment.target 115.

Declaration.engine 310 outputs deployment.declaration 210, which can beacted upon in subsequent processing.

FIG. 4 is a block diagram of deployment.manager 215. Deployment.manager215 includes a target.monitor 405, a difference.engine 410, a deploymentconfiguration, i.e., deployment.config 415, a deployer 420, and anorphan.detector 425. Deployment.manager 215 receivesdeployment.declaration 210, and ultimately deploys artifacts todeployment.target 115.

Target.monitor 405 queries deployment.target 115 to obtain informationabout a present state of artifacts on deployment.target 115.Target.monitor 405 saves this information in state.information 407.

Difference.engine 410 compares deployment.declaration 210 tostate.information 407, i.e., the current state of deployment.target 115.If difference.engine 410 finds a difference betweendeployment.declaration 210 and state.information 407, difference.engine410 concludes that an artifact on deployment.target 115 is notup-to-date, and thus invokes deployer 420.

Deployment.config 415 contains configuration information on how anartifact gets installed on the deployment.target 115. This includesinformation that identifies the scale of the deployment (the number ofinstances running) as well as the amount of resources (CPU, memory,etc.) that may be allocated to it. Compare this to policy.config 315,which declares which artifacts are to be made available, rather than howthey are to be installed.

A deployment.item 423 is a pairing of serving.program 107 and anartifact from artifact.repository 105 that is to be installed ondeployment.target 115. The many possible pairings of serving.program 107and artifacts produce many possible deployment items, each with its ownbehavior when installed on deployment.target 115.

Deployer 420 reads deployment.config 415 to obtain configuration thatdescribes how an artifact undergoing deployment will updatedeployment.target 115 to implement deployment.declaration 210. Deployer420 pairs serving.program 107 and the artifact into deployment.item 423.and then installs deployment.item 423 onto the deployment.target 115.

After deployer 420 has updated deployment.target 115, target.monitor 405obtains an updated status of deployment.target 115 fromdeployment.target 115, and saves the updated status as state.information407.

When all artifacts have been synchronized with deployment.target 115, anauxiliary action is taken, namely the invocation of orphan.detector 425.

Orphan.detector 425 considers the content of policy.config 315 and thefinal state of deployment.target 115 made available by target.monitor405 in state.information 407, and produces a report of artifactsinstalled on deployment.target 115 that are extraneous or undesired. Forexample, an artifact may have been deleted from artifact.repository 105,but not yet removed from deployment.target 115. The discrepancies arerecorded in the output of the execution (website update, email, etc.).Deletion of artifacts from deployment.target 115 may be performedautomatically, or as a manual operation to reduce the risk of unwantedmass deletions from deployment.target 115 due to a configuration error.

Example 1

For this example, artifacts include version information in their titles,e.g., 1.0.0 and 1.0.1. Version 1.0.1 represents a patch update toversion 1.0.0.

Assume artifact.repository 105 contains:

-   -   artifactA-1-0-0    -   artifactA-1-0-1

Operation 1-1. Policy.manager 205 periodically reads the content ofartifact.repository 105 and maintains artifact.list 307.

Thus, artifact.list 307 lists:

-   -   artifactA-1-0-0    -   artifactA-1-0-1

Operation 1-2. As mentioned above, policy.config 315 defines which ofthe artifacts found in the artifact.list 307 are to be considered forinstallation on deployment.target 115. Declaration.engine 310 consultspolicy.config 315 to determine whether each artifact in artifact.list307 is ultimately to be deployed to deployment.target 115.

Assume policy.config 315 indicates:

-   -   artifactA: deploy-only-latest-version

Declaration.engine 310 accepts the list of artifacts, artifact.list 307,and the policy configuration relevant for those artifacts, i.e.,policy.config 315, and produces deployment.declaration 210. In thisexample, since policy.config 315 indicates “artifactA:deploy-only-latest-version”, artifactA-1-0-0 is not to be deployed sinceonly the latest version, artifactA-1-0-1, is to be deployed.

Thus, deployment.declaration 210 indicates:

-   -   deploy: artifactA-1-0-1

Operation 1-3. Target.monitor 405 queries deployment.target 115 toobtain the current status of deployment.target 115, and saves thecurrent status as state.information 407. For example, assumedeployment.target 115 presently has artifactA-1-0-0 and artifactB-1-0-0installed thereon. Accordingly, target.monitor 405 will updatestate.information 407.

Thus, state.information 407 indicates:

-   -   artifactA-1-0-0    -   artifactB-1-0-0

Note that in operation 1-1, artifact.repository 105 did not includeartifactB-1-0-0. Thus, policy.manager 205 did not find artifactB-1-0-0in artifact.repository 105, and policy.manager 205 did not includeartifactB-1-0-0 in artifact.list 307.

Also, recall that a program installed on deployment.target 115 is apairing of serving.program 107 and an artifact, as a deployment.item423. As such, in operation 1-3, state.information 407 is implying thatdeployment.target 115 presently includes deployment.items 423 configuredas (a) serving.program 107+artifactA-1-0-0, and (b) serving.program107+artifactB-1-0-0.

Operation 1-4. Difference.engine 410 compares deployment.declaration 210to state.information 407, i.e., the current state of deployment.target115. Difference.engine 410 recognizes that artifactA-1-0-1 is notinstalled on deployment.target 115, and so, difference.engine 410invokes deployer 420 with artifactA-1-0-1.

Operation 1-5. As mentioned above, deployment.config 415 containsconfiguration information on how an artifact gets installed on thedeployment.target 115. Deployer 420 reads deployment.config 415 toobtain configuration information that is relevant to the artifactundergoing deployment, then effects the changes to deployment.target 115to implement deployment.declaration 210 by sending it a deployment.item423 that contains serving.program 107 paired with artifactA-1-0-1.

Assume deployment.config 415 indicates:

-   -   artifactA:        -   deploy with autoscaling        -   deploy with a minimum of 5 instances of this artifact            available for use        -   deploy with increased central processing unit (CPU) and            memory resources

Deployer 420 installs deployment.item 423 (i.e., serving.program107+artifactA-1-0-1) as its input onto deployment.target 115. In thisexample, per policy.config 315, deployer 420 will replace the olddeployment.item 423 (i.e., serving.program 107+artifactA-1-0-0) with thenewer pairing, thus updating deployment.target 115. Perdeployment.config 415, the number of running instances of thisdeployment.item 423 should be configured on deployment.target 115 suchthat they increase and decrease according to demand. Likewise, perdeployment.config 415, deployment.target 115 should ensure that at least5 instances of deployment.item 423 remain running and that they haveaugmented CPU and memory resources.

Operation 1-6. After deployer 420 has updated deployment.target 115,target.monitor 405 obtains an updated status of deployment.target 115,from deployment.target 115, and saves the updated status asstate.information 407.

Thus, state.information 407 indicates:

-   -   artifactA-1-0-1    -   artifactB-1-0-0

Operation 1-7. Orphan.detector 425 considers the latest output oftarget.monitor 405, i.e., state.information 407, and the content ofpolicy.config 315. Recall that for the present example, policy.config315 indicates only “artifactA: deploy-only-latest-version”. Accordingly,orphan.detector 425 logs the fact that artifactB-1-0-0 was found to beinstalled, but according to the policy.config 315, should not be inservice. Deployment.target 115 can then be directed to uninstall theinstance of artifactB-1-0-0.

Example 2

Assume that machine learning techniques have been applied to create twoneural networks capable of recognizing the breed of cats and dogs, andstored these neural networks in data files as artifacts inartifact.repository 105. These artifacts are created separately andintended to function independently. They also carry version informationin their title, e.g., 1.0.0 and 1.0.1. Version 1.0.1 represents a patchupdate to version 1.0.0.

Assume artifact.repository 105 contains:

-   -   cats-1-0-0    -   cats-1-0-1    -   dogs-1-0-0

Operation 2-1. Policy.manager 205 periodically reads the content ofartifact.repository 105 and prepares artifact.list 307.

Thus, artifact.list 307 lists:

-   -   cats-1-0-0    -   cats-1-0-1    -   dogs-1-0-0

Operation 2-2. As mentioned above, policy.config 315 defines which ofthe artifacts found in the artifact.list 307 are to be considered forinstallation on deployment.target 115. Declaration.engine 310 consultspolicy.config 315 to determine how each artifact in artifact.list 307,and thus in artifact.repository 105, is ultimately to be deployed todeployment.target 115.

Assume policy.config 315 indicates:

-   -   cats: deploy-only-latest-version    -   dogs: deploy-only-latest-version

Declaration.engine 310 accepts the list of artifacts, i.e.,artifact.list 307, and the policy configuration relevant for thoseartifacts, i.e., from policy.config 315, and producesdeployment.declaration 210. In this example, policy.config 315 dictatesthat cats-1-0-0 is not to be deployed since only the latest version,i.e., cats-1-0-1, is to be used.

Thus, deployment.declaration 210 indicates:

-   -   deploy: cats-1-0-1    -   deploy: dogs-1-0-0

Operation 2-3. Target.monitor 405 queries deployment.target 115 toobtain the current status of deployment.target 115, and saves thecurrent status as state.information 407. For example, assumedeployment.target 115 presently has cats-1-0-0 and birds-1-0-0 installedthereon. Accordingly, target.monitor 405 will update state.information407.

Thus, state.information 407 indicates:

-   -   cats-1-0-0    -   birds-1-0-0

Recall that a program installed on deployment.target 115 is a pairing ofserving.program 107 and an artifact, as a deployment.item 423. As such,in operation 2-3, state.information 407 is implying thatdeployment.target 115 presently includes deployment.items 423 configuredas (a) serving.program 107+cats-1-0-0, and (b) serving.program107+birds-1-0-0.

Operation 2-4. Difference.engine 410 compares deployment.declaration 210to state.information 407, i.e., the current state of deployment.target115. Difference.engine 410 recognizes that neither cats-1-0-1 nordogs-1-0-0 is installed on deployment.target 115, and so,difference.engine 410 invokes deployer 420 with cats-1-0-1 anddogs-1-0-0.

Operation 2-5. As mentioned above, deployment.config 415 containsconfiguration information on how an artifact gets installed on thedeployment.target 115. Deployer 420 reads deployment.config 415 toobtain configuration information that is relevant to the artifact(s)undergoing deployment, then effects the changes to deployment.target 115to implement deployment.declaration 210.

Assume deployment.config 415 indicates:

-   -   cats:        -   deploy with autoscaling        -   deploy with a minimum of 5 instances of this artifact            available for use        -   deploy with increased central processing unit (CPU) and            memory resources    -   dogs:        -   deploy with exactly 10 running instances of this program

According to state.information 407, a deployment.item 423 configured ofserving.program 107+cats-1-0-0 is presently installed ondeployment.target 115. Note that there is NO instance of adeployment.item 423 configured of serving.program 107+dogs-1-0-0.Deployer 420 therefore replaces the deployment.item 423 configured ofserving.program 107+cats-1-0-0 with a deployment.item 423 configured ofserving.program 107+cats-1-0-1. Deployer 420 also installs adeployment.item 423 configured of serving.program 107+dogs-1-0-0 sincethis was not present on deployment.target 115. This bringsdeployment.target 115 up to date according to deployment.declaration210.

During the deployment, deployment.config 415 is taken into considerationas well. In this example serving.program 107+cats-1-0-1 is deployed suchthat deployment.target 115 will automatically increase and decrease thenumber of running instances of the deployment item according to demand.Similarly, the number of running instances of serving.program107+dogs-1-0-0 should be exactly 10.

Operation 2-6. After deployer 420 has updated deployment.target 115,target.monitor 405 obtains the updated status of deployment.target 115from deployment.target 115, and saves the updated status asstate.information 407.

Thus, state.information 407 indicates:

-   -   cats-1-0-1    -   dogs-1-0-0    -   birds-1-0-0

Operation 2-7. Orphan.detector 425, considers the latest output oftarget.monitor 405, i.e., state.information 407, and the content ofpolicy.config 315. Recall that for the present example, policy.config315 indicates “cats: deploy-only-latest-version” and “dogs:deploy-only-latest-version”. Accordingly, orphan.detector 425 logs thefact that birds-1-0-0 was found to be installed, but according topolicy.config 315, should not be in service.

Each of artifact.repository 105, deployment.system 110 anddeployment.target 115 is a device that includes electronic circuitrythat performs operations to execute methods or processes describedherein. The circuitry may be implemented with any or all of (a) discreteelectronic components, (b) firmware, or (c) a programmable circuit thatincludes a processor and a memory. Such a processor is an electronicdevice configured of logic circuitry that responds to and executesinstructions. Such a memory is a tangible, non-transitory,computer-readable storage device encoded with a computer program. Inthis regard, the memory stores data and instructions, i.e., programcode, that are readable and executable by the processor for controllingoperations of the processor. The memory may be implemented in arandom-access memory (RAM), a hard drive, a read only memory (ROM), or acombination thereof.

Such a processor and memory may be implemented in a computer. Thecomputer can be a standalone device or coupled to other devices in adistributed processing system.

Additionally, the program code may be configured on a storage device forsubsequent loading into the memory. Such a storage device is a tangible,non-transitory, computer-readable storage device, and examples include(a) a compact disk, (b) a magnetic tape, (c) a read only memory, (d) anoptical storage medium, (e) a hard drive, (f) a memory unit consistingof multiple parallel hard drives, (g) a universal serial bus (USB) flashdrive, (h) a random-access memory, and (i) an electronic storage devicecoupled the components of system 100 via a data network, e.g., theInternet.

The program code may be configured in one or more modules. The term“module” is used herein to denote a functional operation that may beembodied either as a stand-alone component or as an integratedconfiguration of a plurality of subordinate components. Thus, a modulemay be implemented as a single module or as a plurality of sub-ordinatemodules that operate in cooperation with one another.

The processes described herein, as compared to the prior art, reduce thecomplexity of how artifacts, which may number in the hundreds orthousands, are deployed onto their target computer systems. Byautomating the installation of a general-purpose program, i.e.,serving.program 107, each with its own input artifact, the burden ofmanaging the large number of artifacts as separate programs is removed.

In review, in an exemplary method, deployment.system 110 performsoperations of:

-   -   (a) artifact.discovery 305 scanning artifact.repository 105 to        identify an artifact that is available in artifact.repository        105;    -   (b) declaration.engine 310 producing a deployment.declaration        210 that indicates that the artifact is to be installed on        deployment.target 115;    -   (c) target.monitor 405 querying deployment.target 115 to obtain        information about a present state of the artifact on        deployment.target 115, thus yielding state.information 407;    -   (d) difference.engine 410 determining, from a comparison of        state.information 407 to deployment.declaration 210, that the        artifact on deployment.target 115 is not up to date; and    -   (e) deployer 420 deploying (i) the artifact from        artifact.repository 105, and (ii) serving.program 107, to        deployment.target 115.

Producing deployment.declaration 210 includes declaration.engine 310 (a)obtaining policy.config 315 concerning whether the artifact inartifact.repository 105 is to be installed, and (b) preparingdeployment.declaration 210 in accordance with policy.config 315.

Additionally, the exemplary method includes (a) target.monitor 405querying deployment.target 115 to obtain information about an updatedstate of the artifact on deployment.target 115, thus yielding updatedstate.information 407, and (b) difference.engine 410 determining fromthe updated state.information 407, in view of policy.config 315, thatdeployment.target 115 includes an extraneous artifact.

Deploying the artifact from artifact.repository 105 and serving.program107 to deployment.target 115 includes deployer 420 obtainingdeployment.config 415, where serving.program 107 is installed with theartifact from artifact.repository 105 onto deployment.target 115 inaccordance with deployment.config 415.

Also, in the exemplary method, the artifact from artifact.repository 105is a machine learning model.

System 100 facilitates and simplifies the deployment and management of alarge number of data files (artifacts) that embed the logic of aprogram's functionality in data as with a neural network that is wrappedin a generic serving program capable of interpreting and using the datafiles. Prior art deployment tooling does not pair data artifacts, suchas neural networks, with a generic serving program, and thereforeresults in an explosion in the number of “programs” to manage.

The techniques described herein are exemplary, and should not beconstrued as implying any particular limitation on the presentdisclosure. It should be understood that various alternatives,combinations, and modifications could be devised by those skilled in theart. For example, operations associated with the processes describedherein can be performed in any order, unless otherwise specified ordictated by the operations themselves. The present disclosure isintended to embrace all such alternatives, modifications and variancesthat fall within the scope of the appended claims.

The terms “comprises” or “comprising” are to be interpreted asspecifying the presence of the stated features, integers, operations, orcomponents, but not precluding the presence of one or more otherfeatures, integers, operations or components or groups thereof. Theterms “a” and “an” are indefinite articles, and as such, do not precludeembodiments having pluralities of articles.

What is claimed is:
 1. A method comprising: scanning a repository toidentify an artifact that is available in said repository; producing adeclaration that indicates that said artifact is to be installed on atarget device; querying said target device to obtain information about apresent state of said artifact on said target device, thus yieldingstate information; determining, from a comparison of said stateinformation to said declaration, that said artifact on said targetdevice is not up to date; and deploying (i) said artifact from saidrepository, and (ii) a serving program, to said target device.
 2. Themethod of claim 1, wherein said producing said declaration comprises:obtaining policy configuration information concerning whether saidartifact in said repository is to be installed; and preparing saiddeclaration in accordance with said policy configuration information. 3.The method of claim 2, further comprising, after said deploying:querying said target device to obtain information about an updated stateof said artifact on said target device, thus yielding updated stateinformation; and determining from said updated state information, inview of said policy configuration information, that said target deviceincludes an extraneous artifact.
 4. The method of claim 1, wherein saiddeploying further comprises: obtaining deployment configurationinformation, wherein said serving program is installed with saidartifact from said repository onto said target device in accordance withsaid deployment configuration information.
 5. The method of claim 1,wherein said artifact is a machine learning model.
 6. A systemcomprising: a processor; and a memory that contains instructions thatare readable by said processor to cause said processor to performoperations of: scanning a repository to identify an artifact that isavailable in said repository; producing a declaration that indicatesthat said artifact is to be installed on a target device; querying saidtarget device to obtain information about a present state of saidartifact on said target device, thus yielding state information;determining, from a comparison of said state information to saiddeclaration, that said artifact on said target device is not up to date;and deploying (i) said artifact from said repository, and (ii) a servingprogram, to said target device.
 7. The system of claim 6, wherein saidproducing said declaration comprises: obtaining policy configurationinformation concerning whether said artifact in said repository is to beinstalled; and preparing said declaration in accordance with said policyconfiguration information.
 8. The system of claim 7, wherein saidinstructions cause said processor to perform further operations of,after said deploying: querying said target device to obtain informationabout an updated state of said artifact on said target device, thusyielding updated state information; and determining from said updatedstate information, in view of said policy configuration information,that said target device includes an extraneous artifact.
 9. The systemof claim 6, wherein said deploying also includes: obtaining deploymentconfiguration information, wherein said serving program is installedwith said artifact from said repository onto said target device inaccordance with said deployment configuration information.
 10. Thesystem of claim 6, wherein said artifact is a machine learning model.11. A storage device that is non-transitory, comprising instructionsthat are readable by a processor to cause said processor to performoperations of: scanning a repository to identify an artifact that isavailable in said repository; producing a declaration that indicatesthat said artifact is to be installed on a target device; querying saidtarget device to obtain information about a present state of saidartifact on said target device, thus yielding state information;determining, from a comparison of said state information to saiddeclaration, that said artifact on said target device is not up to date;and deploying (i) said artifact from said repository, and (ii) a servingprogram, to said target device.
 12. The storage device of claim 11,wherein said producing said declaration comprises: obtaining policyconfiguration information concerning whether said artifact in saidrepository is to be installed; and preparing said declaration inaccordance with said policy configuration information.
 13. The storagedevice of claim 12, wherein said instructions cause said processor toperform further operations of, after said deploying: querying saidtarget device to obtain information about an updated state of saidartifact on said target device, thus yielding updated state information;and determining from said updated state information, in view of saidpolicy configuration information, that said target device includes anextraneous artifact.
 14. The storage device of claim 11, wherein saiddeploying also includes: obtaining deployment configuration information,wherein said serving program is installed with said artifact from saidrepository onto said target device in accordance with said deploymentconfiguration information.
 15. The storage device of claim 11, whereinsaid artifact is a machine learning model.